NU probes security breach of student info

Executive Summary:
In May 2012, a major computer security breach occurred at the University of Nebraska. The breached electronic database included 654,000 Social Security numbers, addresses, transcripts, financial aid information and grades for current and former students. The database also included information for alumni dating back to 1985 as well as for new applicants.
The university described the attack as “sophisticated and skilled” and shut down its system within hours of its discovery. The system didn’t include financial records for every student, and bank accounts were listed only for students who received direct deposit refunds for dropped classes. NU created a website for questions and updates on the ongoing investigation and sent out thousands of notification emails to current and former students.

Analysis:
In this article, the university states that they take “the protection of students and alumni information very seriously.” The breach of their electronic database is yet another example of weak security controls.
The breach of the NU Student Information System database has raised serious concerns about the security of student files stored in online university databases.
Database security should be built upon a framework encompassing confidentiality, integrity and availability. Access to the student information database should be limited and should incorporate authentication, authorization, and access control.
Firewalls play a major role in security. While border firewalls protect against external attacks, internal firewalls are desirable as well, because they control traffic flowing between different parts of the entity’s internal network and can stop internally generated attacks. Firewall logs should be monitored carefully and frequently.
To ensure stronger database protection, the hosts (servers, clients, routers, firewalls) should be protected. This includes restricting physical access to the host, frequent host backups, managing users and their access permissions, data encryption, host firewalls, installing operating systems with secure configuration options, and frequent review of operating system logs for suspicious items. In the event of a possible attack, all default passwords should be replaced with strong passwords immediately. It is also important to implement security policies to protect computing resources, minimize corporate liability, and support legal compliance.